| OLD | NEW |
|---|
| (Empty) |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 // | |
| 5 // Implementation of the ThreatDetails class. | |
| 6 | |
| 7 #include "chrome/browser/safe_browsing/threat_details.h" | |
| 8 | |
| 9 #include <stdint.h> | |
| 10 | |
| 11 #include "base/bind.h" | |
| 12 #include "base/lazy_instance.h" | |
| 13 #include "base/md5.h" | |
| 14 #include "base/strings/string_util.h" | |
| 15 #include "chrome/browser/safe_browsing/threat_details_cache.h" | |
| 16 #include "components/data_use_measurement/core/data_use_user_data.h" | |
| 17 #include "content/public/browser/browser_thread.h" | |
| 18 #include "net/base/host_port_pair.h" | |
| 19 #include "net/base/load_flags.h" | |
| 20 #include "net/base/net_errors.h" | |
| 21 #include "net/http/http_response_headers.h" | |
| 22 #include "net/traffic_annotation/network_traffic_annotation.h" | |
| 23 #include "net/url_request/url_fetcher.h" | |
| 24 #include "net/url_request/url_request_context_getter.h" | |
| 25 #include "net/url_request/url_request_status.h" | |
| 26 | |
| 27 using content::BrowserThread; | |
| 28 | |
| 29 // Only send small files for now, a better strategy would use the size | |
| 30 // of the whole report and the user's bandwidth. | |
| 31 static const uint32_t kMaxBodySizeBytes = 1024; | |
| 32 | |
| 33 namespace safe_browsing { | |
| 34 | |
| 35 ThreatDetailsCacheCollector::ThreatDetailsCacheCollector() | |
| 36 : resources_(NULL), result_(NULL), has_started_(false) {} | |
| 37 | |
| 38 void ThreatDetailsCacheCollector::StartCacheCollection( | |
| 39 net::URLRequestContextGetter* request_context_getter, | |
| 40 ResourceMap* resources, | |
| 41 bool* result, | |
| 42 const base::Closure& callback) { | |
| 43 // Start the data collection from the HTTP cache. We use a URLFetcher | |
| 44 // and set the right flags so we only hit the cache. | |
| 45 DVLOG(1) << "Getting cache data for all urls..."; | |
| 46 request_context_getter_ = request_context_getter; | |
| 47 resources_ = resources; | |
| 48 resources_it_ = resources_->begin(); | |
| 49 result_ = result; | |
| 50 callback_ = callback; | |
| 51 has_started_ = true; | |
| 52 | |
| 53 // Post a task in the message loop, so the callers don't need to | |
| 54 // check if we call their callback immediately. | |
| 55 BrowserThread::PostTask( | |
| 56 BrowserThread::IO, FROM_HERE, | |
| 57 base::BindOnce(&ThreatDetailsCacheCollector::OpenEntry, this)); | |
| 58 } | |
| 59 | |
| 60 bool ThreatDetailsCacheCollector::HasStarted() { | |
| 61 DCHECK_CURRENTLY_ON(BrowserThread::IO); | |
| 62 return has_started_; | |
| 63 } | |
| 64 | |
| 65 ThreatDetailsCacheCollector::~ThreatDetailsCacheCollector() {} | |
| 66 | |
| 67 // Fetch a URL and advance to the next one when done. | |
| 68 void ThreatDetailsCacheCollector::OpenEntry() { | |
| 69 DCHECK_CURRENTLY_ON(BrowserThread::IO); | |
| 70 DVLOG(1) << "OpenEntry"; | |
| 71 | |
| 72 if (resources_it_ == resources_->end()) { | |
| 73 AllDone(true); | |
| 74 return; | |
| 75 } | |
| 76 | |
| 77 if (!request_context_getter_.get()) { | |
| 78 DVLOG(1) << "Missing request context getter"; | |
| 79 AllDone(false); | |
| 80 return; | |
| 81 } | |
| 82 | |
| 83 net::NetworkTrafficAnnotationTag traffic_annotation = | |
| 84 net::DefineNetworkTrafficAnnotation("safe_browsing_cache_collector", R"( | |
| 85 semantics { | |
| 86 sender: "Threat Details Cache Collector" | |
| 87 description: | |
| 88 "This request fetches different items from safe browsing cache " | |
| 89 "and DOES NOT make an actual network request." | |
| 90 trigger: | |
| 91 "When safe browsing extended report is collecting data." | |
| 92 data: | |
| 93 "None" | |
| 94 destination: OTHER | |
| 95 } | |
| 96 policy { | |
| 97 cookies_allowed: false | |
| 98 setting: | |
| 99 "Users can enable or disable this feature by stopping sending " | |
| 100 "security incident reports to Google via disabling 'Automatically " | |
| 101 "report details of possible security incdients to Google.' in " | |
| 102 "Chrome's settings under Advanced Settings, Privacy. The feature " | |
| 103 "is disabled by default." | |
| 104 chrome_policy { | |
| 105 SafeBrowsingExtendedReportingOptInAllowed { | |
| 106 policy_options {mode: MANDATORY} | |
| 107 SafeBrowsingExtendedReportingOptInAllowed: false | |
| 108 } | |
| 109 } | |
| 110 })"); | |
| 111 | |
| 112 current_fetch_ = | |
| 113 net::URLFetcher::Create(GURL(resources_it_->first), net::URLFetcher::GET, | |
| 114 this, traffic_annotation); | |
| 115 data_use_measurement::DataUseUserData::AttachToFetcher( | |
| 116 current_fetch_.get(), | |
| 117 data_use_measurement::DataUseUserData::SAFE_BROWSING); | |
| 118 current_fetch_->SetRequestContext(request_context_getter_.get()); | |
| 119 // Only from cache, and don't save cookies. | |
| 120 current_fetch_->SetLoadFlags(net::LOAD_ONLY_FROM_CACHE | | |
| 121 net::LOAD_SKIP_CACHE_VALIDATION | | |
| 122 net::LOAD_DO_NOT_SAVE_COOKIES); | |
| 123 current_fetch_->SetAutomaticallyRetryOn5xx(false); // No retries. | |
| 124 current_fetch_->Start(); // OnURLFetchComplete will be called when done. | |
| 125 } | |
| 126 | |
| 127 ClientSafeBrowsingReportRequest::Resource* | |
| 128 ThreatDetailsCacheCollector::GetResource(const GURL& url) { | |
| 129 ResourceMap::iterator it = resources_->find(url.spec()); | |
| 130 if (it != resources_->end()) { | |
| 131 return it->second.get(); | |
| 132 } | |
| 133 return NULL; | |
| 134 } | |
| 135 | |
| 136 void ThreatDetailsCacheCollector::OnURLFetchComplete( | |
| 137 const net::URLFetcher* source) { | |
| 138 DVLOG(1) << "OnUrlFetchComplete"; | |
| 139 DCHECK_CURRENTLY_ON(BrowserThread::IO); | |
| 140 DCHECK(current_fetch_.get()); | |
| 141 if (source->GetStatus().status() != net::URLRequestStatus::SUCCESS && | |
| 142 source->GetStatus().error() == net::ERR_CACHE_MISS) { | |
| 143 // Cache miss, skip this resource. | |
| 144 DVLOG(1) << "Cache miss for url: " << source->GetURL(); | |
| 145 AdvanceEntry(); | |
| 146 return; | |
| 147 } | |
| 148 | |
| 149 if (source->GetStatus().status() != net::URLRequestStatus::SUCCESS) { | |
| 150 // Some other error occurred, e.g. the request could have been cancelled. | |
| 151 DVLOG(1) << "Unsuccessful fetch: " << source->GetURL(); | |
| 152 AdvanceEntry(); | |
| 153 return; | |
| 154 } | |
| 155 | |
| 156 // Set the response headers and body to the right resource, which | |
| 157 // might not be the same as the one we asked for. | |
| 158 // For redirects, resources_it_->first != url.spec(). | |
| 159 ClientSafeBrowsingReportRequest::Resource* resource = | |
| 160 GetResource(source->GetURL()); | |
| 161 if (!resource) { | |
| 162 DVLOG(1) << "Cannot find resource for url:" << source->GetURL(); | |
| 163 AdvanceEntry(); | |
| 164 return; | |
| 165 } | |
| 166 | |
| 167 ReadResponse(resource, source); | |
| 168 std::string data; | |
| 169 source->GetResponseAsString(&data); | |
| 170 ReadData(resource, data); | |
| 171 AdvanceEntry(); | |
| 172 } | |
| 173 | |
| 174 void ThreatDetailsCacheCollector::ReadResponse( | |
| 175 ClientSafeBrowsingReportRequest::Resource* pb_resource, | |
| 176 const net::URLFetcher* source) { | |
| 177 DVLOG(1) << "ReadResponse"; | |
| 178 DCHECK_CURRENTLY_ON(BrowserThread::IO); | |
| 179 net::HttpResponseHeaders* headers = source->GetResponseHeaders(); | |
| 180 if (!headers) { | |
| 181 DVLOG(1) << "Missing response headers."; | |
| 182 return; | |
| 183 } | |
| 184 | |
| 185 ClientSafeBrowsingReportRequest::HTTPResponse* pb_response = | |
| 186 pb_resource->mutable_response(); | |
| 187 pb_response->mutable_firstline()->set_code(headers->response_code()); | |
| 188 size_t iter = 0; | |
| 189 std::string name, value; | |
| 190 while (headers->EnumerateHeaderLines(&iter, &name, &value)) { | |
| 191 ClientSafeBrowsingReportRequest::HTTPHeader* pb_header = | |
| 192 pb_response->add_headers(); | |
| 193 pb_header->set_name(name); | |
| 194 // Strip any Set-Cookie headers. | |
| 195 if (base::LowerCaseEqualsASCII(name, "set-cookie")) { | |
| 196 pb_header->set_value(""); | |
| 197 } else { | |
| 198 pb_header->set_value(value); | |
| 199 } | |
| 200 } | |
| 201 | |
| 202 if (!source->WasFetchedViaProxy()) { | |
| 203 pb_response->set_remote_ip(source->GetSocketAddress().ToString()); | |
| 204 } | |
| 205 } | |
| 206 | |
| 207 void ThreatDetailsCacheCollector::ReadData( | |
| 208 ClientSafeBrowsingReportRequest::Resource* pb_resource, | |
| 209 const std::string& data) { | |
| 210 DVLOG(1) << "ReadData"; | |
| 211 DCHECK_CURRENTLY_ON(BrowserThread::IO); | |
| 212 ClientSafeBrowsingReportRequest::HTTPResponse* pb_response = | |
| 213 pb_resource->mutable_response(); | |
| 214 if (data.size() <= kMaxBodySizeBytes) { // Only send small bodies for now. | |
| 215 pb_response->set_body(data); | |
| 216 } | |
| 217 pb_response->set_bodylength(data.size()); | |
| 218 pb_response->set_bodydigest(base::MD5String(data)); | |
| 219 } | |
| 220 | |
| 221 void ThreatDetailsCacheCollector::AdvanceEntry() { | |
| 222 DVLOG(1) << "AdvanceEntry"; | |
| 223 DCHECK_CURRENTLY_ON(BrowserThread::IO); | |
| 224 // Advance to the next resource. | |
| 225 ++resources_it_; | |
| 226 current_fetch_.reset(NULL); | |
| 227 | |
| 228 // Create a task so we don't take over the IO thread for too long. | |
| 229 BrowserThread::PostTask( | |
| 230 BrowserThread::IO, FROM_HERE, | |
| 231 base::BindOnce(&ThreatDetailsCacheCollector::OpenEntry, this)); | |
| 232 } | |
| 233 | |
| 234 void ThreatDetailsCacheCollector::AllDone(bool success) { | |
| 235 DVLOG(1) << "AllDone"; | |
| 236 DCHECK_CURRENTLY_ON(BrowserThread::IO); | |
| 237 *result_ = success; | |
| 238 BrowserThread::PostTask(BrowserThread::IO, FROM_HERE, callback_); | |
| 239 callback_.Reset(); | |
| 240 } | |
| 241 | |
| 242 } // namespace safe_browsing | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2836103002:
Componentize safe_browsing: move threat_details* to component. (Closed)
